A temporal identity vault used to authenticate an individual is described herein. User identifying input is received on a device, such as a cell phone. The identifying input is, in some examples, encrypted and stored as a temporal identity vault. The temporal identity vault is configured for a use. The use may be a time, location, or the like. A beacon is associated with the temporal identity vault. If the beacon is at a location relative to an object, the authentication process is started. The information stored in the temporal identity vault is authenticated at a central service. Upon authentication, the user is permitted to operate an object. The temporal identity vault may thereafter be deleted.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method, the method comprising: receiving, at a user device of a user, an input to generate a temporal identity vault; receiving, at the user device of the user, user identity data of the user comprising user biometric data of the user; receiving, at the user device of the user and from the user, a temporal identity vault configuration; applying, by the user device of the user, the temporal identity vault configuration to the temporal identity vault comprising the user identity data to generate a configured temporal identity vault that identifies the user; associating a beacon with an object to control access to the user identity data of the user using the temporal identity vault configuration; storing the configured temporal identity vault comprising the user identity data on the user device of the user; receiving a second temporal identity vault configuration associated with a second beacon to control access to one of the user identity data or another user identity data; applying the second temporal identity vault configuration to the configured temporal identity vault including a configuration that access to the one of the user identity data or the other user identity data in association with the second beacon is allowed if the user identity data was used to authenticate the user in association with first beacon; and storing the configured temporal identity vault to which the second temporal identity vault configuration was applied.
2. The method of claim 1, further comprising transmitting a copy of the configured temporal identity vault to a central authentication service.
3. The method of claim 1, wherein storing the configured temporal identity vault further comprises encrypting the user identity data.
4. The method of claim 1, wherein the beacon comprises a key fob or cellular device.
5. The method of claim 1, wherein the object comprises a location.
6. The method of claim 5, wherein the object comprises a lock or a computing device.
7. The method of claim 1, wherein the object comprises a time.
8. The method of claim 1, further comprising: receiving the other user identity data; and associating a second beacon with a second object to control access to the other user identity data; and wherein the stored configured temporal identity vault to which the second temporal identity vault configuration was applied comprises the other user identity data on the user device.
9. The method of claim 8, wherein the second temporal identity vault configuration comprises an access configuration.
10. The method of claim 9, wherein the access configuration comprises the configuration that the other user identity data is accessible if the user identity data was used to authenticate the user in association with first beacon.
11. A method of authenticating a user, comprising; receiving, at a central authentication service and from a user device that is separate from the central authentication service, a first request to authenticate a user of the user device; receiving user identity information of the user associated with a temporal identity vault that identifies the user, the temporal identity vault that identifies the user being generated, based on a temporal identity vault configuration, at the user device of the user that is separate from the central authentication service; determining if the temporal identity vault is available for use using the temporal identity vault configuration; if the temporal identity vault is available for use, comparing the received user identity information of the user associated with the temporal identity vault to user identification identity information of the user stored at the central authentication service; authenticating the user if the received user identity information is the same as the user identity information stored at the central authentication service; transmitting an authentication successful message; receiving, at the central authentication service, a second request to authenticate the user of the user device; determining the user was successfully authenticated in response to the first request to authenticate the user of the user device; and authenticating the user in response to the second request to authenticated based at least in part on the determining the user was successfully authenticated in response to the first request to authenticate.
12. The method of claim 11, wherein determining if the temporal identity vault is available for use comprises determining if a beacon associated with the user identification received at the central authentication service is proximate to an object.
13. The method of claim 12, wherein the beacon comprises a key fob or cellular device.
14. The method of claim 12, wherein the object comprises a location.
15. The method of claim 12, wherein the object comprises a lock or a computing device.
16. The method of claim 12, wherein the object comprises a time.
17. An apparatus comprising: a non-transitory storage medium; and instructions stored in the non-transitory storage medium, the instructions being executable by the apparatus to: receive, at a central authentication service and from a user device that is separate from the central authentication service, a first request to authenticate a user of the user device; receive user identity information of the user associated with a temporal identity vault that identifies the user, the temporal identity vault that identifies the user being generated, based on a temporal identity vault configuration, at the user device of the user that is separate from the central authentication service; determine if the temporal identity vault is available for use; if the temporal identity vault is available for use, compare the received user identity information of the user associated with the temporal identity vault to user identification identity information of the user stored at the central authentication service; authenticate the user if the received user identity information is the same as the user identity information stored at the central authentication service; transmit an authentication successful message; receive, at the central authentication service, a second request to authenticate the user of the user device; determine the user was successfully authenticated in response to the first request to authenticate the user of the user device; and authenticate the user in response to the second request to authenticated based at least in part on the determining the user was successfully authenticated in response to the first request to authenticate.
18. The apparatus of claim 17, wherein the computer-executable instructions to determine if the temporal identity vault is available for use comprises computer-executable instructions to determine if a beacon associated with the user identification received at the central authentication service is proximate to an object.
19. The apparatus of claim 18, wherein the beacon comprises a key fob or a cellular device.
20. The apparatus of claim 18, wherein the object comprises a location, a lock, or a computing device.
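The server-side flow of claims 11 and 12, together with the chained second-beacon rule of claims 1 and 10, shown as an added example that is not code from the patent or its assignee. The class and field names, the SHA-256 digest of the identity data, and the constant-time comparison are assumptions; all sample values are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

@dataclass
class VaultConfig:                      # field names are assumptions
    beacon_id: str
    object_id: str                      # lock, computing device or location
    not_before: float                   # permitted time window (epoch seconds)
    not_after: float
    requires_beacon: str = ""           # chained access, claims 1 and 10

@dataclass
class CentralAuthService:
    enrolled: dict = field(default_factory=dict)    # user -> identity digest
    configs: dict = field(default_factory=dict)     # (user, beacon) -> VaultConfig
    succeeded: set = field(default_factory=set)     # (user, beacon) already authenticated

    def enroll(self, user, identity, *cfgs):
        self.enrolled[user] = hashlib.sha256(identity).digest()
        self.configs.update({(user, c.beacon_id): c for c in cfgs})

    def authenticate(self, user, beacon, near_object, identity, now):
        cfg = self.configs.get((user, beacon))
        # Availability (claim 12): beacon proximate to its object, inside the window.
        if (cfg is None or near_object != cfg.object_id
                or not cfg.not_before <= now <= cfg.not_after):
            return False
        if cfg.requires_beacon and (user, cfg.requires_beacon) not in self.succeeded:
            return False                # the first-beacon authentication has not happened
        presented = hashlib.sha256(identity).digest()
        if not hmac.compare_digest(presented, self.enrolled.get(user, b"")):
            return False
        self.succeeded.add((user, beacon))
        return True

def demo():
    svc = CentralAuthService()
    ident = b"constructed-biometric-template"       # constructed sample value
    svc.enroll("alice", ident, VaultConfig("fob-1", "door-1", 100.0, 200.0),
               VaultConfig("phone-1", "workstation-1", 100.0, 200.0, "fob-1"))
    return [
        svc.authenticate("alice", "phone-1", "workstation-1", ident, 150.0),  # no prior fob auth
        svc.authenticate("alice", "fob-1", "door-2", ident, 150.0),           # wrong object
        svc.authenticate("alice", "fob-1", "door-1", ident, 250.0),           # outside window
        svc.authenticate("alice", "fob-1", "door-1", b"other", 150.0),        # identity mismatch
        svc.authenticate("alice", "fob-1", "door-1", ident, 150.0),           # first request
        svc.authenticate("alice", "phone-1", "workstation-1", ident, 150.0),  # second request
    ]
```

The success record in `succeeded` never expires in this example; a deployment would bound it with the vault's time window or clear it when the vault is deleted.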
August 28, 2017
August 25, 2020